2011 has just started, so it is time to look back at what has happened in the last year. Today we publish the 2010 Annual Security Report covering an extremely interesting year with regard to cyber-crime, cyber-war and cyber-activism.
In 2010, cyber-criminals have created and distributed a third of all existing viruses. That is, in just 12 months, they have created 34 percent of all malware that has ever existed and has been classified by the company. Furthermore, the Collective Intelligence system, which automatically detects, analyzes and classifies 99.4 percent of all malware received, currently stores 134 million unique files, out of which 60 million are malware (viruses, worms, Trojans and other computer threats).
Trojans still dominate the ranking of new malware that has appeared in 2010 (56 percent of all samples), followed by viruses and worms. It is interesting to note that 11.6 percent of all the malware gathered in the Collective Intelligence database is rogueware or fake antivirus software, a malware category that despite appearing only four years ago is creating much havoc among users.
The list of countries with the most infections is topped by Thailand, China and Taiwan, with 60 to 70 percent of infected computers (data gathered from the free scanning tool Panda ActiveScan in 2010).
Regarding infection methods, 2010 has seen hackers exploit social media, the positioning of fake websites (BlackHat SEO techniques) and zero-day vulnerabilities.
Spam has kept its position as one of the main threats in 2010, despite the fact that the dismantling of some botnets (like the famous Operation Mariposa or Bredolab) has prevented many computers from being used as zombies to send spam, which has had a positive effect in spam traffic worldwide. Last year, around 95 percent of all email traffic globally was spam, yet this figure dropped to an average of 85 percent in 2010.
2010: A year marked by cyber-crime, cyber-war and cyber-activism
Besides the above data, this has been the year of cyber-crime, cyber-war and cyber-activism. Cyber-crime is nothing new, as the security industry has been warning against it for many years now: Every new malware specimen is part of a business aimed at financial profit.
As for the second protagonist of the year, we have seen many examples of cyber-war in 2010, the most notorious being Stuxnet. This was a new worm that targeted nuclear power plants and actually managed to infect the Bushehr plant, as confirmed at least by the Iranian authorities. Simultaneously, a new worm appeared –“Here you have”–that spread using old-school methods and was created by a terrorist organization known as “Brigades of Tariq ibn Ziyad”. According to this group, their intention was to remind the United States of the 9-11 attacks and call for respect for the Islamic religion as a response to Pastor Terry Jones’ threat of burning the Quran.
And even though some aspects are still to be clarified, Operation Aurora has also been in the spotlight. The attack, allegedly launched from China, targeted employees of some large multinationals by installing a Trojan on their PCs that could access all their confidential information.
The year 2010 has also seen the appearance of a new phenomenon that has forever changed the relationship between society and the Internet: cyber-protests or hacktivism. This phenomenon, made famous by the Anonymous group, is not actually new, but has grabbed the headlines in 2010 for the coordinated DDoS attacks launched on copyright societies and their defense of Wikileaks founder Julian Assange.
Social networks, in the spotlight
Besides offering information about the main security holes in Windows and Mac, the 2010 Annual Security Report also covers the most important security incidents affecting the most popular social networking sites. Facebook and Twitter have been most affected, but there have also been attacks on other sites like LinkedIn or Fotolog, for example.
There are several techniques for tricking users: hickjacking Facebook’s “Like” button, stealing identities to send out messages from trusted sources, exploiting vulnerabilities in Twitter to run javascript code, distributing fake apps that redirect users to infected sites, etc.
The full report is available at http://press.pandasecurity.com/press-room/reports/.
Full story: PandaLabs Blog
